TraceSecurity rolls out cloud-based risk, compliance and audit tool

TraceSecurity today announced a cloud-based risk, compliance and audit tool that lets enterprises poll internal network assets and deliver live reports about how well the enterprise is keeping up complying with various security standards and regulations.

The tool, called TraceCSO, is largely cloud-based but does have a virtual appliance component for vulnerability assessment of enterprise computing and networking assets that needs to be installed on premises, according to Dariel LeBoeuf, TraceSecurity's executive vice president of sales and marketing. The tool is being tested by early adopters, including Lansing, Mich.-based Lake Trust Credit Union, which plans to deploy it to track remediation processes and assure the financial institution is in line with risk-compliance responsibilities.

"We can run these reports for auditors," says Richard Reinders, information security analyst at Lake Trust Credit Union, about how TraceCSO is being tested in its VMware-virtualized infrastructure. Though there may still need to be "some kinks" worked out with it, the tool works to track vulnerabilities and remediation of internal assets, and it can share information with other management tools that the bank is using.

TraceCSO can be configured to monitor and evaluate a network based on standards that include the Payment Card Industry (PCI) requirements, the NIST FISMA guidelines, and other regulations such as SOX and the banking FFIEC standards.

"TraceCSO takes these regulations, we pick the ones we're subject to, and it shares us the results in human-readable form," says Reinders.

Related Whitepapers

Copyright 2019 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.